From c73a3a067b1463add179b7c348d901e51687e3e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Neven=20Kaji=C4=87?= <nkajic@users.noreply.github.com>
Date: Tue, 26 Oct 2021 14:10:33 +0200
Subject: [PATCH] Fix FISKAL_2 serial number overflow

---
 lib/Client.php | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/lib/Client.php b/lib/Client.php
index 098400e..165c886 100644
--- a/lib/Client.php
+++ b/lib/Client.php
@@ -479,9 +479,31 @@ private function getCertificateIssuerName()
      */
     private function getCertificateIssuerSerialNumber()
     {
+        // 1.) We need to use serialNumberHex since serialNumber is not to be trusted
+        // Pls. see last comment on https://bugs.php.net/bug.php?id=77411&edit=1
+
+        // 2.) Some (new?) FISKAL_2 certificates have serial number which exceeds int32 limit
+
         $publicCertData = $this->getPublicCertificateData();
+        return $this->bchexdec($publicCertData['serialNumberHex']);
+    }
 
-        return $publicCertData['serialNumber'];
+    /**
+     * Convert "big" hex to string representing integers which exceeds int32 limit
+     * see getCertificateIssuerSerialNumber()
+     * https://stackoverflow.com/questions/1273484/large-hex-values-with-php-hexdec
+     *
+     * @param string $hex
+     * @return string
+     */
+    public function bchexdec($hex)
+    {
+        $dec = 0;
+        $len = strlen($hex);
+        for ($i = 1; $i <= $len; $i++) {
+            $dec = bcadd($dec, bcmul(strval(hexdec($hex[$i - 1])), bcpow('16', strval($len - $i))));
+        }
+        return $dec;
     }
 
     /**